Showing posts from May, 2014

Buffer Exploits and Heartbleed

This is an old post that I had written on my personal blog back in May 2014! Hey guys today lets talk about this years one of the biggest security vulnerabilities so far the"Heartbleed" bug. Before we proceed to heartbleed lets first understand what a buffer is.. Basically when we are writing a program in basic languages like C or FORTRAN while taking an input of a string or an array we need to pre define how big the string or the array might be. So after say defining the size the compiler takes note of it and keeps certain amount of memory reserved for the particular string in the memory block. That is know as a buffer. Now that much block can keep only the set amount of data there. A buffer overflow happens when say the predefined value for the buffer is 30 chars and that what is received is 60 chars. The buffer overflows and the additional data received is stored in another unallocated memory blocks. Problems pop up either when the data is read or when the data siz